Oregon Public Broadcasting reports: A ransomware group has released over a million files that the group says it stole from the Oregon Department of Environmental Quality. The files appear to include sensitive information about DEQ employees. It’s not clear if private vehicle registration data or other information related to Oregonians who don’t work at DEQ […]
Jagran reports: The Army College of Nursing website has been allegedly hacked by a Pakistan-based hacker group called Team Insane PK, days after the Pahalgam terror attack in Jammu and Kashmir. The hacker attack took place two days after India announced five strict measures against Pakistan including the suspension of the Indus Waters Treaty and declaring […]
BankInfoSecurity reports: Connecticut-based Yale New Haven Health System is notifying more than 5.5 million patients that their personal information, including Social Security numbers, could have been stolen in a March hack. The incident, which is among several other recent major health data hacks, ranks as the largest health data breach reported to federal regulator so […]
Blue Shield of California joined the ranks of entities that discovered they were unlawfully sending personal or protected health information of website visitors to advertisers via tracking pixels embedded on their sites. TechCrunch reports: Health insurance giant Blue Shield of California is notifying millions of people of a data breach. The company confirmed on Wednesday […]
Security Week reports that The city of Abilene, Texas, has been working on restoring systems that were taken offline to contain a cyberattack: The assault started on April 18, when some of the systems in the city’s internal network were reported as unresponsive, and prompted the immediate activation of the incident response plan. To secure […]
In January, Conduent reported that it had experienced an operational disruption due to a third-party compromise of one of its operating systems. They no longer refer to the incident as an “outage” and now refer to it as a “cyberattack,” but they still fail to clearly disclose whether this was a ransomware attack or not. Cybersecurity […]
The Daily Hodl reports: A car rental giant says sensitive customer data has been exposed in a cybersecurity incident involving one of its vendors. In a notice posted on its website, Hertz says that its vendor, Cleo Communications US, witnessed a zero-day vulnerability exploit late last year that enabled thieves to siphon customer data. Notifications on various […]
South Korea’s data protection regulator issued the following press release concerning recent enforcement actions (unofficial translation follows): – The PIPC calls for putting access control and other privacy-safeguarding measures in place in preparation for credential stuffing and other intrusion attempts The Personal Information Protection Commission (PIPC) held its eighth plenary meeting of 2025 and reached […]
CryptoNews reports: In a surprising turn of events, the hacker behind the $7.5 million exploit of decentralized exchange KiloEx has returned the entire sum just four days after the initial attack. On April 14, KiloEx suspended its perpetual futures trading platform following a severe security breach that resulted in attackers draining $7.5 million worth of cryptocurrency assets […]
The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Sophos writes: Read more at Sophos.